package wiki.kaizen.cloud.security.session.config;

import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.UnauthorizedException;
import org.springframework.core.annotation.Order;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.RestControllerAdvice;
import wiki.kaizen.cloud.security.session.properties.SecurityProperties;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * shiro 全局异常处理
 * */
@RestControllerAdvice
@Order(Integer.MAX_VALUE - 1)
public class ShiroExceptionAdvice {

    private final String  unauthorizedUrl;

    public ShiroExceptionAdvice(SecurityProperties securityProperties) {
        this.unauthorizedUrl = securityProperties.getSecurityFilter().getUnauthorizedUrl();
    }

    @ExceptionHandler(value = {AuthorizationException.class, UnauthorizedException.class})
    public void bindException(HttpServletRequest request , HttpServletResponse response) throws IOException {
        response.sendRedirect(request.getContextPath() + unauthorizedUrl);
    }

}
